Home

About

Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network
FAQHELPSITE MAPCONTACT US


  Advanced Search  

 
Block-Level Security for Network-Attached Disks Marcos K. Aguilera, Minwen Ji, Mark Lillibridge, John MacCormick, Erwin Oertli,
 

Summary: Block-Level Security for Network-Attached Disks
Marcos K. Aguilera, Minwen Ji, Mark Lillibridge, John MacCormick, Erwin Oertli,
Dave Andersen, Mike Burrows, Timothy Mann, Chandramohan A. Thekkath
HP Systems Research Center
Palo Alto, CA
Abstract
We propose a practical and efficient method for adding
security to network-attached disks (NADs). In contrast
to previous work, our design requires no changes to the
data layout on disk, minimal changes to existing NADs,
and only small changes to the standard protocol for ac-
cessing remote block-based devices. Thus, existing NAD
file systems and storage-management software could in-
corporate our scheme very easily. Our design enforces
security using the well-known idea of self-describing ca-
pabilities, with two novel features that limit the need for
memory on secure NADs: a scheme to manage revoca-
tions based on capability groups, and a replay-detection
method using Bloom filters.
We have implemented a prototype NAD file system,

  

Source: Andersen, Dave - School of Computer Science, Carnegie Mellon University
MacCormick, John - Department of Mathematics and Computer Science, Dickinson College
Thekkath, Chandramohan A. - Microsoft Research

 

Collections: Computer Technologies and Information Sciences